{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T13:35:27.464","vulnerabilities":[{"cve":{"id":"CVE-2025-49312","sourceIdentifier":"audit@patchstack.com","published":"2025-06-17T15:15:48.363","lastModified":"2026-04-23T15:31:26.680","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress rss-feed-post-generator-echo allows Reflected XSS.This issue affects Echo RSS Feed Post Generator Plugin for WordPress: from n/a through <= 5.4.8.1."},{"lang":"es","value":"La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress permite XSS reflejado. Este problema afecta al plugin generador de publicaciones de feeds RSS Echo para WordPress desde la versión n/d hasta la 5.4.8.1."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/rss-feed-post-generator-echo/vulnerability/wordpress-echo-rss-feed-post-generator-plugin-for-wordpress-plugin-5-4-8-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}